Add Universign timestamp API query

2019-06-06 10:47:51 +02:00 · 2019-06-06 10:47:51 +02:00 · dace9a53d3
commit dace9a53d3
parent e16cb731c5
6 changed files with 102 additions and 0 deletions
--- a/app/lib/universign/api.rb
+++ b/app/lib/universign/api.rb
@ -0,0 +1,40 @@
+class Universign::API
+  ## Universign Timestamp POST API
+  # Official documentation is at https://help.universign.com/hc/fr/articles/360000898965-Guide-d-intégration-horodatage
+
+  def self.ensure_properly_configured!
+    if userpwd.blank?
+      raise StandardError, 'Universign API is not properly configured'
+    end
+  end
+
+  def self.timestamp(data)
+    ensure_properly_configured!
+
+    response = Typhoeus.post(
+      UNIVERSIGN_API_URL,
+      userpwd: userpwd,
+      body: body(data)
+    )
+
+    if response.success?
+      response.body
+    else
+      raise StandardError, "Universign timestamp query failed: #{response.status_message}"
+    end
+  end
+
+  private
+
+  def self.body(data)
+    {
+      'hashAlgo': 'SHA256',
+      'withCert': 'true',
+      'hashValue': data
+    }
+  end
+
+  def self.userpwd
+    Rails.application.secrets.universign[:userpwd]
+  end
+end
--- a/config/env.example
+++ b/config/env.example
@ -66,3 +66,6 @@ TRUSTED_NETWORKS=""
 SKYLIGHT_AUTHENTICATION_KEY=""

 LOGRAGE_ENABLED="disabled"
+
+UNIVERSIGN_API_URL=""
+UNIVERSIGN_USERPWD=""
--- a/config/initializers/urls.rb
+++ b/config/initializers/urls.rb
@ -7,6 +7,7 @@ API_GEO_SANDBOX_URL = ENV.fetch("API_GEO_SANDBOX_URL", "https://sandbox.geo.api.
 HELPSCOUT_API_URL = ENV.fetch("HELPSCOUT_API_URL", "https://api.helpscout.net/v2")
 PIPEDRIVE_API_URL = ENV.fetch("PIPEDRIVE_API_URL", "https://api.pipedrive.com/v1")
 SENDINBLUE_API_URL = ENV.fetch("SENDINBLUE_API_URL", "https://in-automate.sendinblue.com/api/v2")
+UNIVERSIGN_API_URL = ENV.fetch("UNIVERSIGN_API_URL", "https://ws.universign.eu/tsa/post/")

 # Internal URLs
 FOG_BASE_URL = "https://static.demarches-simplifiees.fr"
--- a/config/secrets.yml
+++ b/config/secrets.yml
@ -64,6 +64,8 @@ defaults: &defaults
  crisp:
    enabled: <%= ENV['CRISP_ENABLED'] == 'enabled' %>
    client_key: <%= ENV['CRISP_CLIENT_KEY'] %>
+  universign:
+    userpwd: <%= ENV['UNIVERSIGN_USERPWD'] %>



@ -90,6 +92,8 @@ test:
    token_endpoint: https://bidon.com/endpoint
    userinfo_endpoint: https://bidon.com/endpoint
    logout_endpoint: https://bidon.com/endpoint
+  universign:
+    userpwd: 'fake:fake'

 # Do not keep production secrets in the repository,
 # instead read values from the environment.
--- a/spec/fixtures/cassettes/universign.yml
+++ b/spec/fixtures/cassettes/universign.yml
@ -0,0 +1,43 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://ws.universign.eu/tsa/post/
+    body:
+      encoding: UTF-8
+      string: hashAlgo=SHA256&hashValue=d28d6c7742c6c77025a104b81750ce8dc5f7dba2d01d9b5f4cad828f02b2324b&withCert=true
+    headers:
+      User-Agent:
+      - demarches-simplifiees.fr
+      Expect:
+      - ''
+      Authorization:
+      - Basic cmllbiBpY2kK=
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Fri, 17 May 2019 10:05:12 GMT
+      Server:
+      - Apache
+      Cache-Control:
+      - no-cache
+      Pragma:
+      - no-cache
+      Content-Type:
+      - application/octet-stream
+      Set-Cookie:
+      - CGSESSIONID=A3D72C1B0D07C073CFE68597B3FBF1B6E639C351;Path=/;Version=0
+      X-Ua-Compatible:
+      - IE=Edge
+      Transfer-Encoding:
+      - chunked
+    body:
+      encoding: ASCII-8BIT
+      string: !binary |-
+        MIIHvAYJKoZIhvcNAQcCoIIHrTCCB6kCAQMxDzANBglghkgBZQMEAgEFADCBxwYLKoZIhvcNAQkQAQSggbcEgbQwgbECAQEGBCoDBAUwMTANBglghkgBZQMEAgEFAAQg0o1sd0LGx3AloQS4F1DOjcX326LQHZtfTK2CjwKyMksCFQCGAZpWDFVXaMOe1wHG3iVRUofhGxgTMjAxOTA1MTcxMDA1MTIuNTUyWjADgAEBAQH/oD+kPTA7MQswCQYDVQQGEwJGUjESMBAGA1UEChMJQ3J5cHRvbG9nMRgwFgYDVQQDEw9UZXN0IFRTQSAtIFRVIDWgggReMIIEWjCCA0KgAwIBAgIUdG+qwQPj0VPrIVMSA2dAelI+Cf8wDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCRlIxEjAQBgNVBAoTCUNyeXB0b2xvZzEgMB4GA1UEAxMXVGVzdCBVbml2ZXJzaWduIENBIDIwMTgwHhcNMTgxMjA0MjMwMDAwWhcNMjUxMTMwMjMwMDAwWjA7MQswCQYDVQQGEwJGUjESMBAGA1UEChMJQ3J5cHRvbG9nMRgwFgYDVQQDEw9UZXN0IFRTQSAtIFRVIDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpgkQuUvnZC5a+EbND79BnJuNypMJA0NLKJCqERBKi13WqXid5w7HNKkoIjQtYmxNhfx9b5PeVvTuaGFgMNajAqxwOwA78bqsKhyN/UNL1WYCZSMXiy2TTKvSNs4Ea50Ymu3lkOm/223d1KJhtjT69AlZz18OIXCuIvROr1vPfNvww2GE3RSpV9ro+Ip09oq2KQ5ylAxBSdt4ZoTQvZDDvHxELbjBOEJBe2T9f3KdZR+irl3sRScDtHTPE0lT58c3iKBBqdwFJSYE/KpSW0lD8HCMjZui4jNnHD6WcTo+KASPYxB9OSpM2KJ0NyCp7PrSQIL6o8H5c6nSQLUK+DMQbAgMBAAGjggFMMIIBSDAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0OBBYEFInD+siND0GFha6Rko94dOCVD8cdMIGTBggrBgEFBQcBAQSBhjCBgzAzBggrBgEFBQcwAYYnaHR0cDovL3BraS1yZWNldHRlLnVuaXZlcnNpZ24uY29tOjgwMjIvMEwGCCsGAQUFBzAChkBodHRwczovL3BraS1yZWNldHRlLnVuaXZlcnNpZ24uY29tL2NlcnRpZmljYXRlL3VuaXZlcnNpZ24tY2EuY2VyMEgGA1UdHwRBMD8wPaA7oDmGN2h0dHA6Ly9wa2ktcmVjZXR0ZS51bml2ZXJzaWduLmNvbS9jcmwvdW5pdmVyc2lnbi1jYS5jcmwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwHwYDVR0jBBgwFoAUUJIhO5u6g1uzzgr2ksBY7IzFBHkwDQYJKoZIhvcNAQELBQADggEBAFZNY26oPFCca9Yv/fohsDPvhgXt7Ko+v6eLVMo1AtK2kC5XfWFp69Tv3QyJNLl/Z8wRtKQv3/g7eGkJFQDmD2n5g2CJABaYxG/4c8bN/lYQR27VVVRENaAxwbjbYo04mQ50asZgFfefrYydp59cbvDji74+jywjHc+kFv7Ty8JpAgVVMhjZ+8SyXqzc1ODiCz9R5ZBx8BKZbmixW15N/21NyMF/e0J7hJrS1CGkqSZ/MPIAXqJhFaqeeuk/m0pya2F1DG+tCQF25mZj5NMwqRrdH/jsoLnSmV70WT7kwTIxDFb+a1ec9TWAH/8t87waYBV2hIZe/piNB0szOcTRXwgxggJlMIICYQIBATBbMEMxCzAJBgNVBAYTAkZSMRIwEAYDVQQKEwlDcnlwdG9sb2cxIDAeBgNVBAMTF1Rlc3QgVW5pdmVyc2lnbiBDQSAyMDE4AhR0b6rBA+PRU+shUxIDZ0B6Uj4J/zANBglghkgBZQMEAgEFAKCB3DAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQwLwYJKoZIhvcNAQkEMSIEIKYzfvcT1DFcu5RhtfRnC3938fFuOuGKbMtkj0ihg0eJMIGMBgsqhkiG9w0BCRACDDF9MHsweTB3BBSo55pEUwOP+3HqXuFzE96z9mmjsjBfMEekRTBDMQswCQYDVQQGEwJGUjESMBAGA1UEChMJQ3J5cHRvbG9nMSAwHgYDVQQDExdUZXN0IFVuaXZlcnNpZ24gQ0EgMjAxOAIUdG+qwQPj0VPrIVMSA2dAelI+Cf8wDQYJKoZIhvcNAQELBQAEggEATud6KAo3mPxhk4OpV1eNKAzml2uC7TAjlxrWAS1wRZgSJD35zt3/K9NoDLGxT+k9POLmxqEi8AGE4PZxArveTmTBe2QHQEk3jVsRuQFbu3jzf7Q0iGlUrJVK8Y4ndhGFPxhUdUKSjMHoG7nxhLD2OddcRZf7TtAuizhfYNGyFB8zwKleVxA1z61Jb6GjdKEGTV4H09d7xKVz6ov43Q6277STqTSgQ8VWlvC2pnhDjwq1D+Ehex9//PU2Qa9XHJnjz68E+BR8yyMWkipOHbqmjNflkoeXb2hVo8bpaA9oMmJLvHMvq7O65LESIZKrVYIbUiMKn1G5E4muyafMTFfdpQ==
+    http_version:
+  recorded_at: Fri, 17 May 2019 10:05:12 GMT
+recorded_with: VCR 4.0.0
--- a/spec/lib/universign/api_spec.rb
+++ b/spec/lib/universign/api_spec.rb
@ -0,0 +1,11 @@
+require 'spec_helper'
+
+describe Universign::API do
+  describe '.request_timestamp', vcr: { cassette_name: 'universign' } do
+    subject { described_class.timestamp(digest) }
+
+    let(:digest) { Digest::SHA256.hexdigest("CECI EST UN HASH") }
+
+    it { is_expected.not_to be_nil }
+  end
+end